We're in the process of establishing a corporate office that will oversee different entities within our company, each having its own on-premises Active Directory and M365 tenant. Our goal is to centralize everything in M365, which will require tenant migration. However, we want to keep the on-premises Active Directory as is for now. With Entra Cloud Sync, is it possible to sync multiple isolated Active Directories to a single M365 tenant without write-back functionality? We aim to ensure users can manage their passwords independently without complicating things in the initial phase. Any insights on this or suggestions for alternative approaches would be greatly appreciated!
2 Answers
It seems like you're saying you want the on-prem ADs to stay isolated, but also want to sync them to a single tenant using Entra. Can you clarify what you mean by ‘disconnected’? It sounds a bit contradictory, unless I'm missing something.
Have you confirmed that Entra Cloud Sync is the best option for your needs? I'm curious why you're excluding Entra Connect Sync. Since you're going with completely separate networks, will you not have any connectivity like shared files or printers between them?
What I mean is that we don't plan on linking the AD forests with trusts or anything like that. Each AD will stay independent, but we want to use Entra to sync them to a common tenant.